centos7安装mysql8以及初始数据库和修改密码

centos7安装mysql8以及初始数据库和修改密码

删除mysql残留

• 查找本机安装的mysql

  rpm -qa | grep -i mysql
  

• 清除msyql安装文件

  yum -y remove MySQL-*
  

• 删除mysql配置文件

  rm -rf /etc/my.cnf
  

• 删除mysq默认密码

  rm -rf /root/.mysql_sercret
  

安装mysql8.0

• 配置mysql8.0的安装源

  rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm
  

  [root@hecs-x-large-2-linux-20200404090311 soft]# rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm
  Retrieving https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm
  warning: /var/tmp/rpm-tmp.wSMa6H: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
  Preparing… ################################# [100%]
  Updating / installing…
  1:mysql80-community-release-el7-3 ################################# [100%]

• 安装mysql8.0

  yum --enablerepo=mysql80-community install mysql-community-server
  

  [root@hecs-x-large-2-linux-20200404090311 yum.repos.d]# yum --enablerepo=mysql80-community install mysql-community-server
  …

  …

  …

  Installed:
  mysql-community-libs.x86_64 0:8.0.22-1.el7 mysql-community-libs-compat.x86_64 0:8.0.22-1.el7
  mysql-community-server.x86_64 0:8.0.22-1.el7

  Dependency Installed:
  libaio.x86_64 0:0.3.109-13.el7 mysql-community-client.x86_64 0:8.0.22-1.el7
  mysql-community-client-plugins.x86_64 0:8.0.22-1.el7 mysql-community-common.x86_64 0:8.0.22-1.el7

  Dependency Updated:
  postfix.x86_64 2:2.10.1-9.el7

  Replaced:
  mariadb-libs.x86_64 1:5.5.64-1.el7

  Complete!

• 启动mysql服务

  service mysqld start
  

  [root@hecs-x-large-2-linux-20200404090311 yum.repos.d]# service mysqld start
  Redirecting to /bin/systemctl start mysqld.service

• 查看mysql服务状态

  service mysqld status
  

  [root@hecs-x-large-2-linux-20200404090311 yum.repos.d]# service mysqld status
  Redirecting to /bin/systemctl status mysqld.service
  ● mysqld.service - MySQL Server
  Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
  Active: active (running) since Thu 2020-10-29 16:56:07 CST; 3min 0s ago
  Docs: man:mysqld(8)
  http://dev.mysql.com/doc/refman/en/using-systemd.html
  Process: 766 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
  Main PID: 838 (mysqld)
  Status: “Server is operational”
  CGroup: /system.slice/mysqld.service
  └─838 /usr/sbin/mysqld

  Oct 29 16:55:56 hecs-x-large-2-linux-20200404090311 systemd[1]: Starting MySQL Server…
  Oct 29 16:56:07 hecs-x-large-2-linux-20200404090311 systemd[1]: Started MySQL Server.

修改root用户密码

• 查看临时密码（随机生成）

  grep "A temporary password" /var/log/mysqld.log
  

  [root@hecs-x-large-2-linux-20200404090311 yum.repos.d]# grep “A temporary password” /var/log/mysqld.log
  2020-10-29T08:56:00.645300Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: suqawlAc)7C%

• 登录并修改临时密码

  mysql -uroot -p
  

  提示输入密码

  [root@hecs-x-large-2-linux-20200404090311 yum.repos.d]# mysql -uroot -p
  Enter password:

  输入临时密码后，修改密码

  ALTER USER 'root'@'localhost' IDENTIFIED BY 'aaaaaa'; 
  

  ALTER USER ‘root’@‘localhost’ IDENTIFIED BY ‘aaaaaa’;
  ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

  这里8.0版本的密码策略是大小写字母+数据+符号

  ALTER USER 'root'@'localhost' IDENTIFIED BY 'Hrz1029!@'; 
  

  mysql> ALTER USER ‘root’@‘localhost’ IDENTIFIED BY ‘Hrz1029!@’;
  Query OK, 0 rows affected (0.01 sec)

  如果想用简单的密码可以修改密码规则

  SHOW VARIABLES LIKE 'validate_password.%'; 
  

  mysql> SHOW VARIABLES LIKE ‘validate_password.%’;
  ±-------------------------------------±-------+
  | Variable_name | Value |
  ±-------------------------------------±-------+
  | validate_password.check_user_name | ON |
  | validate_password.dictionary_file | |
  | validate_password.length | 8 |
  | validate_password.mixed_case_count | 1 |
  | validate_password.number_count | 1 |
  | validate_password.policy | MEDIUM |
  | validate_password.special_char_count | 1 |
  ±-------------------------------------±-------+
  7 rows in set (0.01 sec)

  关于 mysql 密码策略相关参数；
  1）validate_password_length 固定密码的总长度；

  2）validate_password_dictionary_file 指定密码验证的文件路径；
  3）validate_password_mixed_case_count 整个密码中至少要包含大/小写字母的总个数；
  4）validate_password_number_count 整个密码中至少要包含阿拉伯数字的个数；
  5）validate_password_policy 指定密码的强度验证等级，默认为 MEDIUM；

  关于 validate_password_policy 的取值：
  0/LOW：只验证长度；
  1/MEDIUM：验证长度、数字、大小写、特殊字符；
  2/STRONG：验证长度、数字、大小写、特殊字符、字典文件；

  输入：set global validate_password.policy=0;

  改为只校验长度

  6）validate_password_special_char_count 整个密码中至少要包含特殊字符的个数；

  7）validate_password.check_user_name 用户名和密码不能相同

  ​ 输入：set global validate_password.check_user_name=off;

  set global validate_password.length=6;
  set global validate_password.policy=0;
  set global validate_password.check_user_name=off;
  

  mysql> set global validate_password.length=6;
  Query OK, 0 rows affected (0.00 sec)

  mysql> set global validate_password.policy=0;
  Query OK, 0 rows affected (0.00 sec)

  mysql> set global validate_password.check_user_name=off;
  Query OK, 0 rows affected (0.00 sec)

新增数据库

• 创建数据库

  create database xrsdb;
  

• 查看数据库

  show databases;
  

  mysql> show databases;
  ±-------------------+
  | Database |
  ±-------------------+
  | information_schema |
  | mysql |
  | performance_schema |
  | sys |
  | xrsdb |
  ±-------------------+

授权远程访问

• 查看root的host

  select host, user, authentication_string, plugin from user;
  

  mysql> select host, user, authentication_string, plugin from user;
  ±----------±-----------------±-----------------------------------------------------------------------±----------------------+
  | host | user | authentication_string | plugin |
  ±----------±-----------------±-----------------------------------------------------------------------±----------------------+
  | localhost | root | $A$005$%O%9UB4/
  &L"My2gC4OzO3XoPEhPm1SZrKRg1GoqaE5BfpH.o/FXzh4 | caching_sha2_password |
  | localhost | mysql.infoschema | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | caching_sha2_password |
  | localhost | mysql.session | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | caching_sha2_password |
  | localhost | mysql.sys | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | caching_sha2_password |
  ±----------±-----------------±-----------------------------------------------------------------------±----------------------+
  4 rows in set (0.00 sec)

  可以看到root的host是localhost ，改为可以连接的ip或者%

  update user set host = '%' where user.user='root';
  

• 修改加密方式

  show variables like 'default_authentication_plugin';
  

  mysql> show variables like ‘default_authentication_plugin’;
  ±------------------------------±----------------------+
  | Variable_name | Value |
  ±------------------------------±----------------------+
  | default_authentication_plugin | caching_sha2_password |
  ±------------------------------±----------------------+
  1 row in set (0.01 sec)

  Navicat不支持MySQL新版本的这种用户登录账户加密方式，加密方式改成mysql_native_password

  语法:ALTER USER ‘[用户名]’@’%’ IDENTIFIED WITH mysql_native_password BY ‘[密码]’;

  ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'aaaaaa';
  

开放3306端口

• 查看防护墙状态

  systemctl status firewalld
  

  [root@hecs-x-large-2-linux-20200404090311 ~]# systemctl status firewalld
  ● firewalld.service - firewalld - dynamic firewall daemon
  Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
  Active: inactive (dead)
  Docs: man:firewalld(1)

• 开启防火墙

  systemctl start firewalld
  

  [root@hecs-x-large-2-linux-20200404090311 ~]# systemctl start firewalld
  [root@hecs-x-large-2-linux-20200404090311 ~]# systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon
  Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
  Active: active (running) since Thu 2020-11-05 10:09:34 CST; 8s ago
  Docs: man:firewalld(1)
  Main PID: 9240 (firewalld)
  CGroup: /system.slice/firewalld.service
  └─9240 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid

  Nov 05 10:09:32 hecs-x-large-2-linux-20200404090311 systemd[1]: Starting firewalld - dynamic firewall daemon…
  Nov 05 10:09:34 hecs-x-large-2-linux-20200404090311 systemd[1]: Started firewalld - dynamic firewall daemon.

• 开放端口

   语法:firewall-cmd [--zone=<zone>] --add-port=<port>[-<port>]/<protocol> [--timeout=<seconds>]
   
   开放3306端口：
  ## zone -- 作用域
  ## add-port=80/tcp -- 添加端口，格式为：端口/通讯协议
  ## permanent -- 永久生效，没有此参数重启后失效
  firewall-cmd --zone=public --add-port=3306/tcp --permanent
  ## 开启3306端口后，workbench或naivcat 就能连接到MySQL数据库了
  

• 重启防火墙

  firewall-cmd --reload
  

• 查看所有打开的端口

  firewall-cmd --zone=public --list-ports
  

  [root@hecs-x-large-2-linux-20200404090311 ~]# firewall-cmd --zone=public --list-ports
  3306/tcp

*问题

• linux下的安装的mysql默认是区分表名的大小写的，而且mysql一旦初始化，想改就很麻烦。最好在初始化的时候配置上忽略大小写

  在/etc/my.cnf，在[mysqld]下面添加 lower_case_table_names=1
  该问题的官方描述

参考Centos7安装mysql8.0教程 Centos7开放3306端口